🇲🇾
Rizzy
2025-05-09 16:40:16
(1 year ago)
Multiple WAF Violations
Brute-Force
Web App Attack
🇮🇩
hermawan
2025-05-09 14:13:29
(1 year ago)
[Fri May 09 20:44:46.974934 2025] [security2:error] [pid 23867:tid 140584203314880] [client 157.245.148.221:52773] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "300" at REQUEST_HEADERS:Keep-Alive. [file "/etc/modsecurity/coreruleset-4.14.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "298"] [id "440004"] [msg "Keep Alive Header"] [data "Matched Data: 300 found within REQUEST_HEADERS:Keep-Alive: 300 request_line = GET / HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/"] [unique_id "aB4GzmL92sof9kPyO66ZZQAAAJE"], referer ppg.uin-antasari.ac.id/wp-login.php [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[23936] [H6pjK6yMTQ4] [aB4GzmL92sof9kPyO66ZZQAAAJE] keep_alive=[0] [2025-05-09 20:44:46.974938] [R:aB4GzmL92sof9kPyO66ZZQAAAJE] UA:'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36' Host:'staklim-jatim.bmkg.go.id' COOKIE:'SERVERID=ab3410db3b25df9d0f87bc25c9fb85
...
Hacking
Web App Attack
🇮🇩
hermawan
2025-05-09 12:44:29
(1 year ago)
[Fri May 09 19:00:32.034715 2025] [security2:error] [pid 84628:tid 139839496251072] [client 157.245.148.221:60658] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "300" at REQUEST_HEADERS:Keep-Alive. [file "/etc/modsecurity/coreruleset-4.14.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "298"] [id "440004"] [msg "Keep Alive Header"] [data "Matched Data: 300 found within REQUEST_HEADERS:Keep-Alive: 300 request_line = GET / HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/"] [unique_id "aB3uYGTRo-__wsenuqtV5AAAARw"], referer https://dev.stmi.ac.id//wp-login.php [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[84708] [o9iQtmqVhgk] [aB3uYGTRo-__wsenuqtV5AAAARw] keep_alive=[0] [2025-05-09 19:00:32.034719] [R:aB3uYGTRo-__wsenuqtV5AAAARw] UA:'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36' Host:'staklim-jatim.bmkg.go.id' COOKIE:'affinity=deleted; __cf_bm=WqWRPiGEHQ3E
...
Hacking
Web App Attack
Anonymous
2025-05-09 11:13:19
(1 year ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
🇮🇩
BPS-StatisticsIndonesia
2025-05-09 09:32:56
(1 year ago)
XML RPC Scan Activities
Brute-Force
Web App Attack
🇺🇸
mawan
2025-05-08 16:27:10
(1 year ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
🇮🇩
hermawan
2025-05-08 12:07:31
(1 year ago)
[Thu May 08 19:07:00.438532 2025] [security2:error] [pid 192203:tid 140053632243392] [client 157.245.148.221:59962] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "300" at REQUEST_HEADERS:Keep-Alive. [file "/etc/modsecurity/coreruleset-4.14.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "298"] [id "440004"] [msg "Keep Alive Header"] [data "Matched Data: 300 found within REQUEST_HEADERS:Keep-Alive: 300 request_line = GET / HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/"] [unique_id "aByeZA3KAiAOryZckGri7wAAAEk"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[192264] [aQvgr6ZQO98] [aByeZA3KAiAOryZckGri7wAAAEk] keep_alive=[0] [2025-05-08 19:07:00.438537] [R:aByeZA3KAiAOryZckGri7wAAAEk] UA:'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36' Host:'staklim-jatim.bmkg.go.id' ACCEPT:'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8' Accept-Langua
...
Hacking
Web App Attack
🇮🇩
Burayot
2025-05-08 10:18:21
(1 year ago)
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 157.245.148.221 (SG/Singapore/-): 2 in the last 3600 secs
Web App Attack
🇺🇸
mawan
2025-05-07 13:11:36
(1 year ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
🇮🇩
Ridwan Na'im
2025-05-03 17:30:47
(1 year ago)
Multiple web server 400 error codes from same source ip. - Vulnerability Scanning
Hacking
Web App Attack
🇸🇬
pusathosting.com
2025-05-03 13:12:03
(1 year ago)
2ds22 bruteforce
Brute-Force
Web App Attack
🇮🇩
hermawan
2025-05-03 12:24:23
(1 year ago)
[Sat May 03 19:11:47.228973 2025] [security2:error] [pid 612234:tid 140681720886976] [client 157.245.148.221:61460] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "300" at REQUEST_HEADERS:Keep-Alive. [file "/etc/modsecurity/coreruleset-4.13.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "296"] [id "440004"] [msg "Keep Alive Header"] [data "Matched Data: 300 found within REQUEST_HEADERS:Keep-Alive: 300 request_line = GET / HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-malang.info"] [uri "/"] [unique_id "aBYIA63C9qE1ht4BOaz7nwAAACc"] [staklim-malang.info] [staklim-malang.info] top=[612325] [cjzDK6LGjj8] [aBYIA63C9qE1ht4BOaz7nwAAACc] keep_alive=[0] [2025-05-03 19:11:47.228979] [R:aBYIA63C9qE1ht4BOaz7nwAAACc] UA:'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36' Host:'staklim-malang.info' ACCEPT:'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8' Accept-Language:'en-US,en;q=0.5
...
Hacking
Web App Attack
🇺🇸
mawan
2025-05-03 11:54:43
(1 year ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
🇮🇩
Ridwan Na'im
2025-05-02 14:06:38
(1 year ago)
Multiple web server 400 error codes from same source ip. - Vulnerability Scanning
Hacking
Web App Attack
🇺🇸
ipblock.com
2025-05-02 11:59:00
(1 year ago)
IPBlock protected site ID [3192-af][s=02].
Exploit request, vulnerability scanner.
Hacking
Bad Web Bot
Web App Attack